| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 23 Sep 2023 19:53:41 -0700 From: Kees Cook <keescook@...omium.org> To: Justin Stitt <justinstitt@...gle.com> Cc: Lucas Stach <l.stach@...gutronix.de>, Russell King <linux+etnaviv@...linux.org.uk>, Christian Gmeiner <christian.gmeiner@...il.com>, David Airlie <airlied@...il.com>, Daniel Vetter <daniel@...ll.ch>, etnaviv@...ts.freedesktop.org, dri-devel@...ts.freedesktop.org, linux-kernel@...r.kernel.org, linux-hardening@...r.kernel.org, Bo YU <tsu.yubo@...il.com> Subject: Re: [PATCH v2] drm/etnaviv: refactor deprecated strncpy On Mon, Sep 18, 2023 at 01:34:08PM +0000, Justin Stitt wrote: > `strncpy` is deprecated for use on NUL-terminated destination strings [1]. > > We should prefer more robust and less ambiguous string interfaces. > > A suitable replacement is `strscpy_pad` due to the fact that it > guarantees NUL-termination on the destination buffer whilst maintaining > the NUL-padding behavior that strncpy provides. > > Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] > Link: https://github.com/KSPP/linux/issues/90 > Cc: linux-hardening@...r.kernel.org > Cc: Bo YU <tsu.yubo@...il.com> > Signed-off-by: Justin Stitt <justinstitt@...gle.com> Looks good to me now. Thanks! Reviewed-by: Kees Cook <keescook@...omium.org> (Though again if you need a v3, making the Subject more specific would be nice, "...: Replace strncpy with strscpy_pad" -Kees -- Kees Cook
Powered by blists - more mailing lists